Skip to Main Content
PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help support our testing.
  1. Home
  2. News
  3. Security

Check Your Accounts: 10 Billion Passwords Exposed in Largest Leak Ever

The 'RockYou2024' database includes almost 10 billion passwords pulled from 'a mix of old and new data breaches.' Here's how to check if yours are at risk.

By Emily Price
July 6, 2024
A graphic with a username and password hovering over a keyboard (Credit: Shutterstock / Song_about_summer)

Are you reusing your passwords across multiple sites? It's time to reconsider.

Researchers at Cybernews have uncovered a massive trove of nearly 10 billion passwords on a popular hacking forum in what they're calling "largest password compilation" ever.

The file, titled rockyou2024.txt, was posted on July 4 by someone going by the name ObamaCare and contains a mind-boggling 9,948,575,739 unique plaintext passwords. The user only joined the forum in late May, but they've posted data from other breaches, too.

PCMag-Recommended Password Managers

Dashlane (Logo)

Dashlane Review

4.0
Excellent
NordPass logo on white background

NordPass Review

4.5
Outstanding
1Password Logo

1Password Review

3.5
Good

According to Cybernews, this RockYou2024 file is "a mix of old and new data breaches." So it's not necessarily a new breach that ensnared 10 billion passwords. But compiling all these passwords into one massive, searchable database "substantially heightens the risk of credential stuffing attacks," Cybernews says.

Credential stuffing is when someone takes passwords obtained from one data breach and uses them to try to log into unrelated services. For instance, someone might use a password obtained from the AT&T breach to see if you use the same password for your bank account.

Recommended by Our Editors

An illustration of a lock with a key and shield floating above it
The Best Free Password Managers for 2024
Password manager icons against a blue background
WWDC 2024 Fallout: Is Apple About to Kill Password Managers?
Two mobile devices against a blue and cream colored background
1Password vs. Dashlane: Which Is the Best Premium Password Manager?

This isn’t the first RockYou password drop, but it is the largest. In 2021, RockYou2021 included 8.4 billion plain text passwords. Cybernews suspects the current file version contains a compilation of passwords obtained over the past 20 years, including those original 8.4 billion, so there’s a good chance at least one of your passwords is in it.

Cybernews has a Leaked Password Checker where you can plug in codes to see if they've been exposed. If you spot one, or just think one of yours may be weak, change it immediately to a strong password. Then, double-check your other accounts to make sure you're not reusing any passwords across services, and enable multi-factor authentication if it's offered. A password manager can help you keep things organized.

How Your Password Was Stolen
PCMag Logo How Your Password Was Stolen

Like What You're Reading?

Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.


Thanks for signing up!

Your subscription has been confirmed. Keep an eye on your inbox!

Sign up for other newsletters

Amazon Prime Day

The Best Early Prime Day Deals You Can Snag Right Now
By Jade Chung-Lee
Don't Get Duped! Watch Out for These Scams on Prime Day
By Chandra Steele
5 Amazon Prime Day Tips to Get the Best Deals
By Will Greenwald
Best Early Amazon Prime Day Deals on Robot Vacuums
By Drew Prindle
Best Amazon Prime Day Early Laptop Deals: Asus, LG, Samsung, and More
By Jade Chung-Lee
Best Early Amazon Prime Day Deals on Earbuds
By David Paiz-Torres
Best Early Amazon Prime Day Deals on Computer Monitors
By Gabriela Vatu
Best Early Amazon Prime Day Deals Under $50
By Gabriela Vatu
All
Amazon Prime Day Stories

Further Reading

AT&T: 'Nearly All' Customer Phone, Text Records Leaked, One Arrest Made
AT&T: 'Nearly All' Customer Phone, Text Records Leaked, One Arrest Made
By Kate Irwin
Google's Advanced Protection Program Swaps Security Keys for Passkeys
Google's Advanced Protection Program Swaps Security Keys for Passkeys
By Joe Hindy
Florida Pulls Its 'Smart ID' Digital Driver's License From App Stores
Florida Pulls Its 'Smart ID' Digital Driver's License From App Stores
By Jibin Joseph
Apple Warns iPhone Users in 98 Countries of 'Mercenary Spyware Attacks'
Apple Warns iPhone Users in 98 Countries of 'Mercenary Spyware Attacks'
By Michael Kan
Hackers Resurrect Internet Explorer to Attack Windows PCs
Hackers Resurrect Internet Explorer to Attack Windows PCs
By Michael Kan
Google Will Provide Free Dark Web Monitoring, Kill Its Paid VPN This Month
Google Will Provide Free Dark Web Monitoring, Kill Its Paid VPN This Month
By Kate Irwin
'Blast-RADIUS' Flaw Compromises Decades-Old Network Security Protocol
'Blast-RADIUS' Flaw Compromises Decades-Old Network Security Protocol
By Michael Kan
US Disrupts Russian Bots Spreading Propaganda on Twitter
US Disrupts Russian Bots Spreading Propaganda on Twitter
By Michael Kan

TRENDING

About Emily Price

Weekend Reporter

Emily Price

Emily is a freelance writer based in Durham, NC. Her work has appeared in The Wall Street Journal, The New York Times, Lifehacker, Popular Mechanics, Macworld, Engadget, Computerworld, and more. You can also snag a copy of her book Productivity Hacks: 500+ Easy Ways to Accomplish More at Work--That Actually Work! online through Simon & Schuster or wherever books are sold.

Read Emily's full bio

Read the latest from Emily Price